Password Policy Minimum Password Length too weak
Impact area
Security
Severity
High
Affected element
Profile
Org Config
Rule ID
SF-0112
Impact
Allowing weak minimum password length policies can open you up to brute force or dictionary attacks.
Remediation
Set to 8 characters or more the minimum number of characters required for a password.
Time to fix
30 min
References
This rule is linked to Common Weakness Enumeration CWE-521 Weak Password Requirements.